Converge, collaborate and conquer IT and OT security risks

As the world transitions towards Industry 4.0, cyberattacks are no longer limited to the IT infrastructure of organizations. Threat actors are increasingly targeting critical infrastructure and operational technology (OT) in organizations from different industries. For instance, the European Union Agency for Cybersecurity (ENISA) has warned that ransomware groups will likely target and disrupt OT operations in the transport sector in the foreseeable future.

One reason is that IT and OT networks have historically operated in silos with limited collaboration. This has resulted in the lack of a cohesive strategy for organization-wide security risk management. While IT security teams are often adept at handling the latest threats, risks on the OT plant network side usually go undiscovered and unnoticed.

Industrial Control Systems (ICS) often prioritize the ability to deliver uninterrupted services and lack security by design. Sectors such as oil and gas, transport, energy, and maritime tend to rely on legacy OT systems with outdated hardware and software. They grapple with issues ranging from dated and insecure passwords to a lack of remote monitoring to detect suspicious behavior.

The lack of integration between OT and IT means that OT systems are deprived of the benefits of mature IT security controls that enable swift risk management, leading to severe business losses in several cases.

A comprehensive and integrated security risk management strategy requires the convergence of security technology operations and collaboration between IT and OT teams to conquer cybersecurity threats together.

Shambhulingayya Aralelemath

Global Delivery head of the CyberSecurity Practice at Infosys.

A case for IT-OT convergence

The adoption of Industry 4.0, digitization, and stringent regulatory norms and compliances are strengthening the case of IT and OT convergence. Such a convergence can potentially deliver a host of benefits around automation, data exchange, and smart decision-making capabilities.

When integrated, OT systems can tap into IT security solutions such as Security Information and Event Management (SIEM), log management, firewalls for segmentation, security service management, and directory systems. Organizations can benefit from improved mean-time-to-detect (MTTD) and mean-time-to-respond and resolve (MTTRR). The convergence of IT and OT systems delivers long-term benefits of improved efficiency and reduced costs of operations.

Cracking the IT-OT Collaboration code

The convergence of IT and OT systems can be challenging due to factors such as the vulnerability of OT systems, the complexity of legacy networks, and cultural differences and skills gaps between IT and OT teams. OT teams must also bear the additional burden of meeting more stringent regulatory compliance requirements.

Here are some ways to overcome these challenges:

  • Establish a cross-functional team with representatives from OT and IT departments. This would include investing in training and skill development for both teams.
  • Foster effective communication and understanding by developing a common language. Organizations can effectively do that by defining common objectives and goals to create a shared vision for convergence.
  • Conduct a gap analysis collaboratively to identify areas of improvement and develop targeted strategies. This would require creating an integration roadmap considering technology compatibility, data and system integration, and security.
  • Encourage collaboration and knowledge sharing through regular meetings and training sessions. Often, a reluctance to change, especially among those manning legacy OT systems, can hinder convergence, so organizations may need to foster a culture of collaboration and adaptation to embrace change.
  • Prioritize security through risk assessments, access controls, and monitoring. An effective way of doing that is to seek external expertise from consultants or experts in OT and IT convergence.

Organizations must also assign dedicated leaders and establish governance structures that can oversee the convergence process while keeping the organizational goals and objectives in mind. A phased implementation can help reduce complexity and mitigate risks.

Conquer and amplify ability to mitigate risks

According to an Applied Risk survey of IT and OT security practitioners in the United States and Europe, 63% of respondents believe that the integration of IT and OT security operations centers (SOCs) will have the biggest impact on the management of cyber security risks.

The report also noted that nearly half of the respondents believe that a limited cybersecurity culture among key stakeholders is an impediment. Hence, organizations must ensure effective change management by addressing the cultural and organizational aspects of the convergence journey, including communication, stakeholder engagement, training, and addressing employee concerns and resistance to change.

Also, organizations must appraise and implement important regulations such as Network and Information Security (NIS) by supplementing them with additional features, like strong authentication, access controls, network segmentation, encryption, intrusion detection and prevention systems, and regular security monitoring and updates.

Amid escalating cyberattacks and geopolitical upheavals resulting in losses worth millions of euros, the convergence of OT systems with IT is a crucial step to safely transition into Industry 4.0.

To conclude

With the convergence of technology and Ops and collaboration between IT and OT teams, an organization can strengthen its overall security posture, quickly mitigate threats, and minimize overall security risks proactively.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc.

Shambhulingayya Aralelemath (Shambhu) is the Global Delivery head of the CyberSecurity Practice at Infosys. He has expertise in information technology and cybersecurity across various industries.